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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in tiie 
application: 

Listing of Claims: 

1. (currently amended) An apparatus to be connected between a network access unit 
and a network to be protected, for protecting legitimate traffic from DoS (denial of service) and 
DDoS (distributed denial of service) attacks, said apparatus comprising: 

a high-priority queue; 

a low-priority queue; 

a queue information table having, for each specific STT (source-based traffic trunk), 

previous load infomiation, and 

a service queue for a specific packet having the specific STT, wherein the 
service queue is the high-priority queue or the low-priority queue; 
a packet classifier for receiving a packet from the network access unit, searching the queue 
information table for a service queue associated with an STT of the received packet, selectively 
transferring the received packet to the high priority queue or the low priority queue in accordance 
with the service queue, ; 

(a) obtaining an STT of a packet received from the network access unit 

based on a source IP address of the received packet : 

(b) searching the queue information table for the service queue 

corresponding to the STT of the received packet and checking, by the packet classifier, 
whether the service queue is the high-priority queue or the low-priority queue; 

(c) transferring the received packet to the high-priority queue if the 
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service queue is the high-priority queue in the step (b); 

(d) transferring the received packet to the low-priority queue if the 

service queue is the low-priority queue in the step (b); and 

(e) transferring packet information on the received packet to a queue 

coordinator; 

[[a]] said queue coordinator for receiving information on the received packet from the 
packet classifier, and updating the service queue associated with the STT of the received packet in 
the queue information table based on (i) a load of the received packet and (ii) the previous load 
information stored in the queue information table in association with the STT of the received 
packet; and 

(f) updating the service queue associated with the STT of the received 

packet in the queue information table, wherein said updating is based on (i) a load of 
the received packet and (ii) the previous load information stored in the queue 
information table in association with the STT of the received packet; 

wherein said updating at (f) comprises: 

(a') calculating an average load of the STT of the received packet based 

on the packet information transferred from the packet classifier; 

(b') selectively resetting the service queue associated with the STT of the 

received packet depending on the calculated average load of the STT of the received 
packet; and 

(c') storing the selectively reset service queue in the queue information 

table; and 

wherein said selectively resetting at (h') further includes: 

(b'l) setting the service queue associated with the STT of the received 

packet to be the low-priority queue if the calculated average load of the STT of the 
received packet is greater than an allowable load when the high-priority queue is in a 
congested state; 
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(b'2) randomly choosing a first STT, which uses the low-priority queue, 
fi'om the queue information table if the service queue associated with the STT of the 
received packet is the high-priority queue; 

(b'3) following the step (b'2), setting a semce queue associated with the 
randomly chosen first STT to be the high-priority queue and the service queue 
associated with the STT of the received packet to be the low-priority queue if the 
average load of the STT of the received packet is greater than that of the randomly 
chosen first STT: 

(b'4) randomly choosing a second STT, which uses the high-priority 
queue, from the queue infonnation table if the service queue associated with the STT 
of the received packet is the low-priority queue; and 

(b'5) following the step (b'4). setting the service queue associated with the 
STT of the received packet to be the high-priority queue and a service queue associated 
with the randomly chosen second STT to be the low-priority queue if the average load 
of the STT of the received packet is smaller than that of the randomly chosen second 
STT; and 

a buffer for buffering outputs of the high-priority queue and the low-priority queue and 
providing the buffered outputs to the network to be protected. 

2. (original) The apparatus of claim 1, wherein the network to be protected comprises a 

server. 

3. (previously presented) The apparatus of claim 1, wherein the information on the 
received packet includes a packet size, a packet arrival time and an STT index representing the STT 
of the received packet. 

4. (previously presented) The apparatus of claim 1, wherein the queue information 
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table has fields including: 
an STT ID field, 
a service queue field, 
an average load field, 
a recent load calculation time field, and 
a total packet size field. 

5. (previously presented) The apparatus of claim 1, wherein a maximum load of both 
the high-priority queue and the low-priority queue is set to be a maximum allowable load of the 
network to be protected. 

6. (original) The apparatus of claim 5, wherein the network to be protected comprises a 

server. 

7. (canceled) 

8. (currently amended) The method of claim [[7]] 13, wherein the network to be 
protected comprises a server. 

9. (canceled) 

10. (currently amended) The method of claim [[9]] 13, wherein the step (e') further 
comprises: 

storing a modified average load in the queue information table. 

11. (currently amended) The method of claim [[9]] 13, wherein the step (a') further 
includes the steps of: 
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(a' 1) calculating a total packet size based on the packet information transferred from the 
packet classifier; 

(a'2) checking whether it is time to recalculate the average load; 

(a'3) if it is time to recalculate the average load in the step (a'2), calculating a new average 
load by using (i) a previous average load and (ii) a current average load based on the total packet 
size, and then proceeding to the step (b'); and 

(a'4) if it is not time to recalculate the average load, proceeding to the step (b'). 

12. (previously presented) The method of claim 11, wherein the packet information 
includes a packet size, a packet arrival time, and an STT index corresponding to the STT of the 
received packet. 

13. (currently amended) A method of protecting legitimate traffic from DoS (denial of 

service) and DDoS (distributed denial of service) attacks, said method being performed by an 
apparatus which is connected between a network access unit and a network to be protected and 
which includes: 

a queue information table having, for each specific STT (source-based traffic trunk), 
previous load information, and 

a service queue for a specific packet having the specific STT. wherein the 
service queue is a high-priority queue or a low-priority queue. 

a queue coordinator, and 

a packet classifier. 

the method comprising the steps of: 

(a) obtaining, by the packet classifier, an STT of a packet received from the network 
access unit based on a source IP address of the received packet ; 

(h) searching, by the packet classifier, the queue information table for the service queue 
corresponding to the STT of the received packet and checking, by the packet classifier, whether the 
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service queue is the high-priority queue or the low-priority queue; 

(c) transferring, by the packet classifier, the received packet to the high-priority queue if 
the service queue is the high-priority queue in the step (b); 

(d) transferring, by the packet classifier, the received packet to the low-priority queue if the 
service queue is the low-priority queue in the step (b); 

(e) transferring, by the packet classifier, packet information on the received packet to the 
queue coordinator; and 

(f) updating, by the queue coordinator, the service queue associated with the STT of the 
received packet in the queue infoimation table, wherein said updating is based on (i) a load of the 
received packet and (ii) the previous load infonnation stored in the queue information table in 
association with the STT of the received packet: 

wherein the step (f) comprises the following steps performed by the queue coordinator : 

(a') calculating an average load of the STT of the received packet based on the packet 
information transferred from the packet classifier; 

Cb') selectively resetting the service queue associated with the STT of the received packet 
depending on the calculated average load of the STT of the received packet; 

Cc') calculating an average load of the high-priority queue; 

(d') selectively resetting a service queue associated with a certain STT depending on the 
calculated average load of the high-priority queue; and 

(e') storing the selectively reset service queue in the queue information table; and 
The method of claim 9, wherein the step (b') further includes the steps of: 
(b'l) setting the service queue associated with the STT of the received packet to be the low- 
priority queue if the calculated average load of the STT of the received packet is greater than an 
allowable load when the high-priority queue is in a congested state; 

(b'2) randomly choosing a first STT, which uses the low-priority queue, from the queue 
information table if the service queue associated with the STT of the received packet is the high- 
priority queue; 
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(b'3) following the step (b'2), setting a service queue associated with the randomly chosen 
first STT to be the high-priority queue and the service queue associated with the STT of the 
received packet to be the low-priority queue if the average load of the STT of the received packet is 
greater than that of the randomly chosen first STT; 

(b'4) randomly choosing a second STT, which uses the high-priority queue, from the queue 
information table if the service queue associated with the STT of the received packet is the low- 
priority queue; and 

(b'5) following the step (b'4), setting the service queue associated with the STT of the 
received packet to be the high-priority queue and a sei-vice queue associated with the randomly 
chosen second STT to be the low-priority queue if the average load of the STT of the received 
packet is smaller than that of the randomly chosen second STT. 

14. (currently amended) The method of claim [[9]] 13, wherein the step (c') further 
includes the steps of: 

(c'l) determining whether the service queue associated with the STT of the received packet 
after the selective resetting in the step (b') is the high-priority queue or the low-priority queue ; 

(c'2) calculating a total packet size served through the high-priority queue if the service 
queue associated with the STT of the received packet is the high-priority queue; 

(c'3) calculating the average load of the high-priority queue if it is time to recalculate the 
average load of the high-priority queue; and 

(c'4) proceeding to the step (d'). 

15. (currently amended) A method of protecting legitimate traffic from DoS (denial of 
service) and DDoS (distributed denial of service) attacks, said method being performed by an 
apparatus which is connected between a network access unit and a network to be protected and 
which includes: 

a queue information table having, for each specific STT (source-based traffic trunk), 
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previous load information, and 

a service queue for a specific packet having the specific STT, wherein the 
service queue is a high-priority queue or a low-priority queue, 
a queue coordinator, and 
a packet classifier, 
the method comprising the steps of: 

(a) obtaining, by the packet classifier, an STT of a packet received from the network 
access unit based on a source IP address of the received packet ; 

(b) searching, by the packet classifier, the queue infomiation table for the service queue 
corresponding to the STT of the received packet and checking, by the packet classifier, whether the 
service queue is the high-priority queue or the low-priority queue: 

(c) transferring, by the packet classifier, the received packet to the high-priority queue if 
the service queue is the high-priority queue in the step (h): 

(d) transferring, by the packet classifier, the received packet to the low-priority queue if the 
service queue is the low-priority queue in the step (b): 

(e) transferring, by the packet classifier, packet information on the received packet to the 
queue coordinator: and 

(f) updating, by the queue coordinator, the service queue associated with the STT of the 
received packet in the queue information table, wherein said updating is based on (i) a load of the 
received packet and (ii) the previous load information stored in the queue information table in 
association with the STT of the received packet: 

wherein the step (f) comprises the following steps performed by the queue coordinator : 

(a') calculating an average load of the STT of the received packet based on the packet 
information transferred from the packet classifier: 

(h') selectively resetting the service queue associated with the STT of the received packet 
depending on the calculated average load of the STT of the received packet: 

(c') calculating an average load of the high-priority queue: 
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(d') selectively resetting a service queue associated with a certain STT depending on the 
calculated average load of the high-priority queue; and 

(e') storing the selectively reset service queue in the queue information table; and 

The method of claim 9, wherein the step (d') includes the steps of: 

(d'l) obtaining the calculated average load of the high-priority queue from the step (c'); 

(d'2) randomly choosing one STT, which uses the high-priority queue, and setting a service 
queue of the randomly chosen STT to the low-priority queue if the calculated average load of the 
high-priority queue indicates that the high-priority queue is in a congested state; 

(d'3) randomly choosing one STT, which uses the low-priority queue, and setting a service 
queue of the randomly chosen STT to the high-priority queue if the calculated average load of the 
high-priority queue indicates that the high-priority queue is in an idle state; and 

(d'4) proceeding to the step (e') if the calculated average load of the high-priority queue 
indicates that the high-priority queue is in a stable state or when one of the steps of (d'2) and (d'3) is 
performed. 

16. (canceled) 

17. (currently amended) A method of protecting legitimate traffic from DoS (denial of 
service) and DDoS (distributed denial of service) attacks, said method being performed by an 
apparatus which is connected between a network access unit and a network to be protected and 

which includes: 

a queue information table having, for each specific STT (source-based traffic trunk), 
previous load information, and 

a service queue for a specific packet having the specific STT, wherein the 
service queue is a high-priority queue or a low-priority queue, 
a queue coordinator, and 
a packet classifier. 
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the method comprising the steps of: 

(a) obtaining, by the packet classifier, an STT of a packet received from the network 
access unit based on a source IP address of the received packet : 

(b) searching, by the packet classifier, the queue infomnation table for the service queue 
corresponding to the STT of the received packet and checking, by the packet classifier, whether the 
service queue is the high-priority queue or the low-priority queue; 

(c) transferring, by the packet classifier, the received packet to the high-priority queue if 
the service queue is the high-prioritv queue in the step (b): 

(d) transfeiiing, by the packet classifier, the received packet to the low-priority queue if the 
service queue is the low-priority queue in the step (b); 

(e) transfeiiing. by the packet classifier, packet information on the received packet to the 
queue coordinator: and 

(f) updating, by the queue coordinator, the service queue associated with the STT of the 
received packet in the queue information table, wherein said updating is based on (i) a load of the 
received packet and (ii) the previous load information stored in the queue information table in 
association with the STT of the received packet; 

wherein the step (f) comprises the following steps performed by the queue coordinator: 
(a') calculating an average load of the STT of the received packet based on the packet 
information transferred from the packet classifier; 

(h') selectively resetting the service queue associated with the STT of the received packet 
depending on the calculated average load of the STT of the received packet; and 

(c') storing the selectively reset service queue in the queue information table; and 
The method of claim 16, wherein the step (b') further includes the steps of: 
(b'l) setting the service queue associated with the STT of the received packet to be the low- 
priority queue if the calculated average load of the STT of the received packet is greater than an 
allowable load when the high-priority queue is in a congested state; 

(b'2) randomly choosing a first STT, which uses the low-priority queue, from the queue 
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information table if the service queue associated with the STT of the received packet is the high- 
priority queue; 

(b'3) following the step (b'2), setting a service queue associated with the randomly chosen 
first STT to be the high-priority queue and the service queue associated with the STT of the 
received packet to be the low-priority queue if the average load of the STT of the received packet is 
greater than that of the randomly chosen first STT; 

(b'4) randomly choosing a second STT, which uses the high-priority queue, from the queue 
information table if the service queue associated with the STT of the received packet is the low- 
priority queue; and 

(b'5) following the step (b'4), setting the service queue associated with the STT of the 
received packet to be the high-priority queue and a sei-vice queue associated with the randomly 
chosen second STT to be the low-priority queue if the average load of the STT of the received 
packet is smaller than that of the randomly chosen second STT. 

18. (previously presented) The method of claim 17, wherein the step (f) further 
comprises the following steps performed by the queue coordinator after the steps (a') and (b') and 
before the step (c'): 

(d') calculating an average load of the high-priority queue; and 

(e') selectively resetting a service queue associated with a certain STT depending on the 
calculated average load of the high-priority queue. 

19. (previously presented) The method of claim 18, wherein the step (e') includes the 
steps of: 

(e' 1) obtaining the calculated average load of the high-priority queue from the step (d'); 

(e'2) randomly choosing one STT, which uses the high-priority queue, and setting a 
service queue of the randomly chosen STT to the low-priority queue if the calculated average load 
of the high-priority queue indicates that the high-priority queue is in a congested state; 
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(e'3) randomly choosing one STT, which uses the low-priority queue, and setting a 
service queue of the randomly chosen STT to the high-priority queue if the calculated average load 
of the high-priority queue indicates that the high-priority queue is in an idle state; and 

(e'4) proceeding to the step (c') if the calculated average load of the high-priority queue 
indicates that the high-priority queue is in a stable state or when one of the steps of (e'2) and (e'3) is 
performed. 

20. (previously presented) The method of claim 19, wherein the step (d') further 
includes the steps of: 

(d'l) determining whether the service queue associated with the STT of the received 
packet after the selective resetting in the step (b') is the high-priority queue or the low-priority 
queue; 

(d'2) calculating a total packet size served through the high-priority queue if the service 
queue associated with the STT of the received packet is the high-priority queue; 

(d'3) calculating the average load of the high-priority queue if it is time to recalculate the 
average load of the high-priority queue; and 

(d'4) proceeding to the step (e'). 

21 . (new) The apparatus of claim 1 , being a networked computer system. 

22. (new) The apparatus of claim 1, further comprising at least a network interface for 
network connection to the network access unit and the network to be protected. 

23. (new) The method of claim 13, wherein the apparatus is a networked computer 

system. 

24. (new) The method of claim 13, wherein the apparatus further comprises at least a 
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network interface in network connection with the network access unit and the network to be 
protected. 
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